Vulnerability Description
Buffer overflow in Remote Access Service (RAS) phonebook for Windows NT 4.0, 2000, XP, and Routing and Remote Access Server (RRAS) allows local users to execute arbitrary code by modifying the rasphone.pbk file to use a long dial-up entry.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Windows 2000 | All versions |
| Microsoft | Windows Nt | 4.0 |
| Microsoft | Windows Xp | All versions |
References
- http://online.securityfocus.com/archive/1/276776
- http://online.securityfocus.com/archive/1/278145
- http://www.nextgenss.com/vna/ms-ras.txtVendor Advisory
- http://www.securityfocus.com/bid/4852PatchVendor Advisory
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-02
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
- http://online.securityfocus.com/archive/1/276776
- http://online.securityfocus.com/archive/1/278145
- http://www.nextgenss.com/vna/ms-ras.txtVendor Advisory
- http://www.securityfocus.com/bid/4852PatchVendor Advisory
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-02
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
FAQ
What is CVE-2002-0366?
CVE-2002-0366 is a vulnerability with a CVSS score of 7.2 (HIGH). Buffer overflow in Remote Access Service (RAS) phonebook for Windows NT 4.0, 2000, XP, and Routing and Remote Access Server (RRAS) allows local users to execute arbitrary code by modifying the rasphon...
How severe is CVE-2002-0366?
CVE-2002-0366 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2002-0366?
Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Windows 2000, Microsoft Windows Nt, Microsoft Windows Xp.